1 package org.apache.beehive.wsm.axis.security.model; 2 3 22 23 import java.util.Collection ; 24 25 26 import org.apache.beehive.wsm.axis.security.SecurityModel ; 27 28 import org.apache.axis.MessageContext; 29 import org.apache.axis.components.logger.LogFactory; 30 import org.apache.axis.security.AuthenticatedUser; 31 import org.apache.axis.security.SecurityProvider; 32 import org.apache.axis.security.simple.SimpleSecurityProvider; 33 import org.apache.axis.security.servlet.ServletSecurityProvider; 34 import org.apache.log4j.Logger; 35 36 public class AxisSecurityModel implements SecurityModel { 37 38 protected static Logger logger = Logger.getLogger(AxisSecurityModel.class); 39 40 public void init ( MessageContext msgContext ) 41 { 42 } 44 45 48 public boolean isUserInRole ( MessageContext msgContext, Collection <String > rolesAllowed ){ 49 50 if (logger.isDebugEnabled()) { 51 logger.debug("Enter: AxisSecurityModel::isUserInRole"); 52 } 53 54 SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER); 55 if ( provider instanceof ServletSecurityProvider ) 56 { 57 provider = new SimpleSecurityProvider(); 60 } 61 62 if (provider != null) { 63 String userID = msgContext.getUsername(); 64 if (logger.isDebugEnabled()) { 65 logger.debug("user : " + userID ); 66 } 67 68 if ( userID == null || userID.equals("") ) 70 { 71 logger.debug("userID is null"); 72 return false; 73 } 74 75 String passwd = msgContext.getPassword(); 76 if (logger.isDebugEnabled()) { 77 logger.debug("password : " + passwd ); 78 } 79 80 AuthenticatedUser authUser = provider.authenticate(msgContext); 81 82 if ( authUser == null) { 84 logger.debug("authuser is null"); 85 return false; 86 } 87 88 for ( String role : rolesAllowed ) 89 { 90 if (provider.userMatches( authUser, role ) ) 91 { 92 94 if (logger.isDebugEnabled()) { 95 logger.debug( "auth : " + userID + " is in role [" + role + "]"); 96 } 97 msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, authUser); 98 return true; 99 } 100 } 101 } 102 103 if (logger.isDebugEnabled()) { 104 logger.debug("Exit: AxisSecurityModel::isUserInRole"); 105 } 106 107 return false; 108 } 109 110 111 } 112 | Popular Tags |